История изменений
Исправление constin, (текущая версия) :
про ldap с UserMixin, поподробней.
как-то так:
models.py
import flask_login
from flask_ldap3_login import LDAP3LoginManager
from flask_login import LoginManager, login_user, UserMixin, current_user
from flask_ldap3_login.forms import LDAPLoginForm
...
class User(UserMixin):
    """In-memory user object built from the attributes of an LDAP entry.

    ``get_id`` returns the entry's DN, so the DN is the identifier that
    flask-login stores in the session and later hands to the user loader.
    """

    def __init__(self, dn, username, data):
        """Keep the DN, the login name and the raw attribute mapping.

        Indexing ``data['displayName']`` and ``username[0]`` means a missing
        attribute or an empty login name raises instead of producing a
        half-initialised user.
        """
        self.dn = dn
        self.username = username
        self.data = data
        self.displayName = data['displayName']
        # The address is synthesised from the login name (first letter, a
        # dot, the rest, then EMAIL_DOMAIN); it is not read from the directory.
        # NOTE(review): treat it as a display value only, not as a verified
        # address, unless it is checked against the entry's own mail attribute.
        first_letter = username[0]
        remainder = username[1:]
        domain = app.config.get('EMAIL_DOMAIN')
        self.mail = first_letter + '.' + remainder + '@' + domain

    def __repr__(self):
        """Represent the user by its DN."""
        return self.dn

    def get_id(self):
        """Return the DN as the flask-login session identifier."""
        return self.dn
@login_manager.user_loader
def load_user(id):
    """Resolve a session identifier (a DN) to the cached ``User``, or None.

    ``users`` is the mapping that ``save_user`` fills at login time.
    """
    # NOTE(review): nothing in this listing refreshes or evicts entries of
    # `users`, so a session keeps resolving to the snapshot taken at login
    # even after the account is disabled or leaves the access group. The
    # mapping also looks process-local: confirm how it behaves with several
    # workers and across restarts.
    return users[id] if id in users else None
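@ldap_manager.save_user
def save_user(dn, username, data, memberships):
    """Admit an LDAP user only when the entry lists ``ACCESS_GROUP``.

    Registered as the flask-ldap3-login ``save_user`` callback. The decision
    is taken from the ``memberOf`` attribute in ``data``.

    Args:
        dn: Distinguished name of the entry; used as the cache key.
        username: Login name passed on to ``User``.
        data: Attribute mapping of the entry.
        memberships: Not consulted here.
            NOTE(review): presumably the groups found by the library's own
            group search; confirm whether nested groups matter for access.

    Returns:
        The new ``User`` (also stored in ``users`` under its DN), or ``None``
        when the entry has no ``memberOf`` values or lacks ``ACCESS_GROUP``.
    """
    member_of = data.get("memberOf")
    if not member_of:
        return None
    # A single-valued attribute may arrive as a bare string. Wrap it so the
    # membership test compares whole group DNs; `in` on a string would accept
    # any DN that merely contains ACCESS_GROUP as a substring.
    if isinstance(member_of, (str, bytes)):
        member_of = [member_of]
    if app.config['ACCESS_GROUP'] not in member_of:
        return None
    user = User(dn, username, data)
    users[dn] = user
    return user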
....
__init__.py
from flask import Flask
from flask_ldap3_login import LDAP3LoginManager
from flask_login import LoginManager
app = Flask(__name__)
....
# Connection and search settings for flask-ldap3-login. Every value below is
# a redacted placeholder from the original post.
app.config.update({
    'LDAP_HOST': 'xxxx.xxxx.xxxx',
    # NOTE(review): port 636 with LDAP_USE_SSL selects LDAPS, but confirm that
    # the server certificate is actually validated; ldap3 only verifies it
    # when it is given a Tls object that requires validation.
    'LDAP_PORT': 636,
    'LDAP_BASE_DN': 'dc=xxxx,dc=xxx',
    'LDAP_USER_DN': 'cn=Users',
    'LDAP_GROUP_DN': 'cn=Groups',
    'LDAP_USER_RDN_ATTR': 'cn',
    'LDAP_USER_LOGIN_ATTR': 'cn',
    'LDAP_BIND_USER_DN': 'cn=ldapsearch,cn=users,dc=xxxxx,dc=xxxx',
    'LDAP_GROUP_OBJECT_FILTER': '(objectclass=group)',
    # In a deployment, read the bind password from the environment or a
    # secrets store rather than a literal in a tracked file, and keep the
    # bind account limited to read-only searches.
    'LDAP_BIND_USER_PASSWORD': 'xxxxxx',
    'LDAP_USE_SSL': True,
})
# Both managers attach themselves to the application object.
login_manager = LoginManager(app)
ldap_manager = LDAP3LoginManager(app)
...
router.py
....
@app.route("/logout")
@flask_login.login_required
def logout():
    """End the current flask-login session and redirect to the login page."""
    # NOTE(review): no methods= is given, so the route answers GET and any
    # third-party page can log a user out with a plain link or image tag.
    # A POST protected by a CSRF token avoids that.
    flask_login.logout_user()
    destination = '/login'
    return redirect(destination)
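@app.route('/login', methods=['GET', 'POST'])
def login():
    """Render the login form and, on a valid submission, start the session.

    ``login_form.user`` is the saved user object; per the original comments
    it is available once ``validate_on_submit()`` has succeeded. It can still
    be empty when the credentials were accepted but no user was saved, for
    example when ``save_user`` refuses an account outside the access group,
    so ``login_user`` is only called when it is set.

    The original had a ``return redirect('/')`` after an if/else whose
    branches both return; that unreachable line and the commented-out
    ``login_user`` call are dropped.
    """
    login_form = LDAPLoginForm()
    if not login_form.validate_on_submit():
        return render_template('login.html', login_form=login_form)

    if not login_form.user:
        # Same generic message whatever the reason, so the response does not
        # reveal whether the password or the group check failed.
        flash('Login Failed', 'warning')
        return redirect('login')

    login_user(login_form.user)
    return redirect('/newuser')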
Исходная версия constin, :
про ldap с UserMixin, поподробней.
как-то так:
models.py
import flask_login
from flask_ldap3_login import LDAP3LoginManager
from flask_login import LoginManager, login_user, UserMixin, current_user
from flask_ldap3_login.forms import LDAPLoginForm
...
class User(UserMixin):
    """In-memory user object built from the attributes of an LDAP entry.

    ``get_id`` returns the entry's DN, so the DN is the identifier that
    flask-login stores in the session and later hands to the user loader.
    """

    def __init__(self, dn, username, data):
        """Keep the DN, the login name and the raw attribute mapping.

        Indexing ``data['displayName']`` and ``username[0]`` means a missing
        attribute or an empty login name raises instead of producing a
        half-initialised user.
        """
        self.dn = dn
        self.username = username
        self.data = data
        self.displayName = data['displayName']
        # The address is synthesised from the login name (first letter, a
        # dot, the rest, then EMAIL_DOMAIN); it is not read from the directory.
        # NOTE(review): treat it as a display value only, not as a verified
        # address, unless it is checked against the entry's own mail attribute.
        first_letter = username[0]
        remainder = username[1:]
        domain = app.config.get('EMAIL_DOMAIN')
        self.mail = first_letter + '.' + remainder + '@' + domain

    def __repr__(self):
        """Represent the user by its DN."""
        return self.dn

    def get_id(self):
        """Return the DN as the flask-login session identifier."""
        return self.dn
@login_manager.user_loader
def load_user(id):
    """Resolve a session identifier (a DN) to the cached ``User``, or None.

    ``users`` is the mapping that ``save_user`` fills at login time.
    """
    # NOTE(review): nothing in this listing refreshes or evicts entries of
    # `users`, so a session keeps resolving to the snapshot taken at login
    # even after the account is disabled or leaves the access group. The
    # mapping also looks process-local: confirm how it behaves with several
    # workers and across restarts.
    return users[id] if id in users else None
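@ldap_manager.save_user
def save_user(dn, username, data, memberships):
    """Admit an LDAP user only when the entry lists ``ACCESS_GROUP``.

    Registered as the flask-ldap3-login ``save_user`` callback. The decision
    is taken from the ``memberOf`` attribute in ``data``.

    Args:
        dn: Distinguished name of the entry; used as the cache key.
        username: Login name passed on to ``User``.
        data: Attribute mapping of the entry.
        memberships: Not consulted here.
            NOTE(review): presumably the groups found by the library's own
            group search; confirm whether nested groups matter for access.

    Returns:
        The new ``User`` (also stored in ``users`` under its DN), or ``None``
        when the entry has no ``memberOf`` values or lacks ``ACCESS_GROUP``.
    """
    member_of = data.get("memberOf")
    if not member_of:
        return None
    # A single-valued attribute may arrive as a bare string. Wrap it so the
    # membership test compares whole group DNs; `in` on a string would accept
    # any DN that merely contains ACCESS_GROUP as a substring.
    if isinstance(member_of, (str, bytes)):
        member_of = [member_of]
    if app.config['ACCESS_GROUP'] not in member_of:
        return None
    user = User(dn, username, data)
    users[dn] = user
    return user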
....
__init__.py
from flask import Flask from flask_ldap3_login import LDAP3LoginManager from flask_login import LoginManager
app = Flask(__name__)
....
# Connection and search settings for flask-ldap3-login. Every value below is
# a redacted placeholder from the original post.
app.config.update({
    'LDAP_HOST': 'xxxx.xxxx.xxxx',
    # NOTE(review): port 636 with LDAP_USE_SSL selects LDAPS, but confirm that
    # the server certificate is actually validated; ldap3 only verifies it
    # when it is given a Tls object that requires validation.
    'LDAP_PORT': 636,
    'LDAP_BASE_DN': 'dc=xxxx,dc=xxx',
    'LDAP_USER_DN': 'cn=Users',
    'LDAP_GROUP_DN': 'cn=Groups',
    'LDAP_USER_RDN_ATTR': 'cn',
    'LDAP_USER_LOGIN_ATTR': 'cn',
    'LDAP_BIND_USER_DN': 'cn=ldapsearch,cn=users,dc=xxxxx,dc=xxxx',
    'LDAP_GROUP_OBJECT_FILTER': '(objectclass=group)',
    # In a deployment, read the bind password from the environment or a
    # secrets store rather than a literal in a tracked file, and keep the
    # bind account limited to read-only searches.
    'LDAP_BIND_USER_PASSWORD': 'xxxxxx',
    'LDAP_USE_SSL': True,
})
# Both managers attach themselves to the application object.
login_manager = LoginManager(app)
ldap_manager = LDAP3LoginManager(app)
...
router.py
....
@app.route("/logout")
@flask_login.login_required
def logout():
    """End the current flask-login session and redirect to the login page."""
    # NOTE(review): no methods= is given, so the route answers GET and any
    # third-party page can log a user out with a plain link or image tag.
    # A POST protected by a CSRF token avoids that.
    flask_login.logout_user()
    destination = '/login'
    return redirect(destination)
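@app.route('/login', methods=['GET', 'POST'])
def login():
    """Render the login form and, on a valid submission, start the session.

    ``login_form.user`` is the saved user object; per the original comments
    it is available once ``validate_on_submit()`` has succeeded. It can still
    be empty when the credentials were accepted but no user was saved, for
    example when ``save_user`` refuses an account outside the access group,
    so ``login_user`` is only called when it is set.

    The original had a ``return redirect('/')`` after an if/else whose
    branches both return; that unreachable line and the commented-out
    ``login_user`` call are dropped.
    """
    login_form = LDAPLoginForm()
    if not login_form.validate_on_submit():
        return render_template('login.html', login_form=login_form)

    if not login_form.user:
        # Same generic message whatever the reason, so the response does not
        # reveal whether the password or the group check failed.
        flash('Login Failed', 'warning')
        return redirect('login')

    login_user(login_form.user)
    return redirect('/newuser')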